<?
session_start();
	$db_conf=array(
				'host'     => 'MARCO-PC',
				'username' => 'jqalendar',
				'password' => 'jqalendar',
				'dbname'   => 'jqalendar'
			);
	$cn = mssql_connect($db_conf['host'], $db_conf['username'],$db_conf['password'] );
	mssql_select_db($db_conf['dbname'],$cn);
if(isset($_POST['username'])){

	$result=mssql_query('SELECT [id],[username],[alias] FROM users WHERE [username] = "'.$_POST['username'].'" AND [password]="'.md5($_POST['password']).'"');
	if( mssql_num_rows($result)>0){
		
		$row=mssql_fetch_assoc($result);
		
		$_SESSION['auth']=$row;
		
		header('Location:index.php');
		die();
	}
}else if(isset($_GET['SessionId'])){
	$sql='SELECT users.id, users.username, users.alias FROM sessions INNER JOIN users ON sessions.user_id = users.id WHERE (sessions.session_id = \''.$_GET['SessionId'].'\')';
	
	$result=mssql_query($sql);
	if( mssql_num_rows($result)>0){
		
		$row=mssql_fetch_assoc($result);
		
		$_SESSION['auth']=$row;
		
		header('Location:index.php');
		die();
	}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Jqalendar login</title>
</head>


<body>
<form method="post">

Username:<input type="text" name="username"/><br />
Password:<input type="text" name="password"/><br />
<input type="submit"/>

</form>
</body>
</html>
